Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(rds): publiclyAccessible=false set on an instance is ignored when cluster is placed in a public subnet #28038

Merged
merged 25 commits into from
Dec 7, 2023
Merged

fix(rds): publiclyAccessible=false set on an instance is ignored when cluster is placed in a public subnet #28038

merged 25 commits into from
Dec 7, 2023

Conversation

juanheyns
Copy link
Contributor

This change fixes the incorrect behavior as explained in #28037.

Using null coalescing operator in TypeScript will use the original value of publiclyAccessible set on the ServerlessV2ClusterInstanceProps.

Closes #28037.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added bug This issue is a bug. p2 labels Nov 16, 2023
@aws-cdk-automation aws-cdk-automation requested a review from a team November 16, 2023 17:23
@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Nov 16, 2023
aws-cdk-automation
aws-cdk-automation previously requested changes Nov 16, 2023
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@juanheyns juanheyns marked this pull request as draft November 16, 2023 17:54
@juanheyns juanheyns marked this pull request as ready for review November 16, 2023 18:52
@juanheyns juanheyns marked this pull request as draft November 16, 2023 18:54
@aws-cdk-automation aws-cdk-automation dismissed their stale review November 16, 2023 22:30

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@juanheyns juanheyns marked this pull request as ready for review November 16, 2023 22:49
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Nov 16, 2023
lpizzinidev
lpizzinidev suggested changes Nov 17, 2023
View reviewed changes
Copy link
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution!
Feel free to comment on the proposed changes.
Also, the documentation for publiclyAccessible should be updated here and here.
Finally, the title should describe the bug (not the solution), as per guidelines.

packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts Outdated Show resolved Hide resolved
packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-public-subnets.ts Outdated Show resolved Hide resolved
@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Nov 17, 2023
@juanheyns juanheyns changed the title fix(rds): never ignore publiclyAccessible if it has been set fix(rds): instance publiclyAccessible=false ignored when cluster is in public subnet Nov 20, 2023
@github-actions github-actions bot added the effort/medium Medium work item – several days of effort label Nov 20, 2023
juanheyns and others added 4 commits November 20, 2023 14:16
@juanheyns @lpizzinidev
Update packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/in…
e6b9770 
…teg.cluster-public-subnets.ts

Co-authored-by: Luca Pizzini <lpizzini7@gmail.com>
@juanheyns @lpizzinidev
Update packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts
d581d7a 
Co-authored-by: Luca Pizzini <lpizzini7@gmail.com>
@juanheyns @lpizzinidev
Update packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts
316f11a 
Co-authored-by: Luca Pizzini <lpizzini7@gmail.com>
@juanheyns @lpizzinidev
Update packages/aws-cdk-lib/aws-rds/lib/aurora-cluster-instance.ts
920011e 
Co-authored-by: Luca Pizzini <lpizzini7@gmail.com>
@juanheyns juanheyns changed the title fix(rds): instance publiclyAccessible=false ignored when cluster is in public subnet fix(rds): publiclyAccessible=false set on an instance is ignored when cluster is placed in a public subnet Nov 20, 2023
@aws-cdk-automation aws-cdk-automation dismissed their stale review November 23, 2023 01:38

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@lpizzinidev
Copy link
Contributor

@juanheyns
Thanks for the clarification on the default behavior.
If you could please update the snapshot for the integration test (the build is failing because of that) I will then approve the PR.

@juanheyns
Copy link
Contributor Author

@juanheyns Thanks for the clarification on the default behavior. If you could please update the snapshot for the integration test (the build is failing because of that) I will then approve the PR.

Hi @lpizzinidev I can see it is failing because of the integration test, I updated it with yarn integ --update-on-failed test/aws-rds/test/integ.cluster-public-subnets.js. See 2f410b8

I am wondering if I need to configure a different account to deploy the integration test into? If I am missing something with running the test locally please point me to the documentation on how to set it up.

@lpizzinidev
Copy link
Contributor

@juanheyns
It looks like the integration test snapshot has not been updated after the last changes.
It still contains the original resources.
You should build it and execute it again:

  1. cd packages/@aws-cdk-testing/framework-integ
  2. yarn build
  3. yarn integ --update-on-failed test/aws-rds/test/integ.cluster-public-subnets.js

@juanheyns
Copy link
Contributor Author

@juanheyns It looks like the integration test snapshot has not been updated after the last changes. It still contains the original resources. You should build it and execute it again:

  1. cd packages/@aws-cdk-testing/framework-integ
  2. yarn build
  3. yarn integ --update-on-failed test/aws-rds/test/integ.cluster-public-subnets.js

@lpizzinidev my bad, I forgot to build the stack first.

@juanheyns
Copy link
Contributor Author

@lpizzinidev All checks are passing now, ready to review.

@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Nov 29, 2023
@github-actions github-actions bot mentioned this pull request Dec 1, 2023
Closed
scanlonp
scanlonp previously approved these changes Dec 7, 2023
View reviewed changes
Copy link
Contributor

@scanlonp scanlonp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The logic change for aurora cluster instance looks good to me. I think the standardization in instance is good even though the logic is the same. Good tests.
Thanks @lpizzinidev for the review comments! And thank you @juanheyns for the contribution!

@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 7, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Dec 7, 2023
@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 7, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot dismissed scanlonp’s stale review December 7, 2023 13:14

Pull request has been modified.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 86a97aa
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 7, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 569593c into aws:main Dec 7, 2023
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lpizzinidev lpizzinidev lpizzinidev approved these changes

@scanlonp scanlonp scanlonp approved these changes

@aws-cdk-automation aws-cdk-automation Awaiting requested review from aws-cdk-automation

Assignees
No one assigned
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK bug This issue is a bug. effort/medium Medium work item – several days of effort p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

rds: AuroraClusterInstance ignores publiclyAccessible set to false when cluster is placed in public subnet
4 participants
@juanheyns @lpizzinidev @aws-cdk-automation @scanlonp